(RADIATOR) multiple dictionary files not working with server and radpwtest, and some VSAs failing
Hugh Irvine
hugh at open.com.au
Tue Sep 28 10:38:59 CDT 2004
Hello Tariq -
Multiple dictionaries work fine with Radiator 3.9:
perl radiusd -foreground -log_stdout -trace 4 -config_file test.cfg
Tue Sep 28 17:34:34 2004: DEBUG: Finished reading configuration file
'test.cfg'
Tue Sep 28 17:34:34 2004: DEBUG: Reading dictionary file './dictionary'
Tue Sep 28 17:34:34 2004: DEBUG: Reading dictionary file '
./dictionary.ascend'
Tue Sep 28 17:34:34 2004: DEBUG: Creating authentication port
0.0.0.0:1645
Tue Sep 28 17:34:34 2004: DEBUG: Creating accounting port 0.0.0.0:1646
Tue Sep 28 17:34:34 2004: NOTICE: Server started: Radiator 3.9 on
TiTi.local
The dictionary defintion from the standard Radiator 3.9 dictionary is
this:
VENDORATTR 2352 RB-Context-Name 4 string
regards
Hugh
On 28 Sep 2004, at 16:53, Tariq Rashid wrote:
>
> hi - 2 issues here:
>
> i am working with testing a new NAS hardware from Redback. they have
> supplied their own dictionary file with their VSAs defines.. no issue
> there.
>
>
> however,
>
> 1. when i start the radiator 3.8 server with command line pointers to
> dictionaries (comma separated) the second seems to be ignored. it
> works when
> i append the second VSA dictionary to the first. how do i know it
> doesn't
> work, well theoutgoing reply packet does not contain the required VSA
> but
> does when using the appended dictionary.
>
> the same appears to be true for the radpwtest client. if i use a
> comma
> separated list (as per help text) the second is ignored, but wheni use
> the
> appended dictionary, the trace 5 dumps do show tghe correct attributes.
>
> 2. now using the working appended dictionary, i also find that the VSA
> is
> not obtained from a backend LDAP server, when all others are. for
> example,
> Cisco-AVPairs are obtained and sent out fine, but the new VSA
> RB-Context-Name = "lns"
> is not. they are obtained in the main radius.cfg file using the
> AuthAttrDef dialAttr,GENERIC,request
> in the <AuthBy LDAP2> sections ... where dialAttr is the multivalued
> ldap
> field.
> to get around this i am hardcoding the add_attr in a hook file.
>
> any thoughts much appreciated.
>
> tariq
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: I am travelling this week, so there may be delays in our
correspondence.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list